-   Make sure you request the `offline_access` scope to get a refresh token and keep access with your integration.
-   Microsoft offers a tool that allows you to construct and perform Graph API queries and see their response for any apps on which you have an admin, developer, or tester role. For more information you can check [Microsoft Graph Explorer](https://developer.microsoft.com/en-us/graph/graph-explorer).
-   Please be aware that the Microsoft Graph API implements throttling to manage the volume of requests. For more information on handling throttling, refer to the [Microsoft Graph Throttling Guidance](https://learn.microsoft.com/en-us/graph/throttling).
-   Microsoft Graph API has different versions (v1.0 and beta). The v1.0 endpoint is for production use, while the beta endpoint contains features that are still in preview.
-   When requesting permissions that require admin consent, users without admin privileges will not be able to complete the OAuth flow unless an admin has pre-authorized the permissions.
-   For multitenant applications, you may need to handle tenant-specific endpoints and permissions.
-   You can set the [`.default` scope documentation](https://learn.microsoft.com/en-us/entra/identity-platform/scopes-oidc#default-when-the-user-gives-consent) to ensure the permissions remain the same as those granted at the organization level.
-   The `.default` scope can't be combined with the scopes registered in the Azure portal. So either just use the `.default` scope or remove it to list out explicit parameters that are required. If you attempt to combine them you'll receive the following error
```
.default scope can't be combined with resource-specific scopes
```
-   If you need a user to reauthenticate or accept updated scopes, you can force a prompt using the `authorization_params`. Use `prompt=login` to force the user to enter their credentials (bypassing single-sign on) or `prompt=consent` to trigger the OAuth consent dialog after sign-in, which asks the user to grant permissions to the app. For more details, see [Microsoft's OAuth 2.0 authorization documentation](https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow#request-an-authorization-code).

```typescript
const { data } = await nango.createConnectSession({
  [...],
  integrations_config_defaults: {
    "<provider-name>": {
      authorization_params: {
        "prompt": "consent" // or "login" depending on your needs
      }
    }
  }
});
```
